Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

For decades the principle of least privilege has been a fundamental component of cybersecurity. The principle of least privilege revolves around granting users the minimum level of access necessary to perform their tasks, minimizing the risk of unauthorized access and data breaches.

Crystal Trawny, Optiv’s Practice Director, Privileged Account and Endpoint Privilege Management (PAM/EPM), joins host David Puner in exploring the ever-evolving identity landscape and how emerging threats impact organizations’ cybersecurity requirements. Through the eyes of an end user, Trawny shares best practices for overcoming change resistance, creating effective deployment timelines and avoiding scope creep.

As the digital landscape expands, organizations are facing a complex challenge: managing access to an ever-growing number of resources, applications, and services. The traditional approach of using identity groups to handle access control is becoming increasingly untenable. So, let's explore the causes behind role explosion and discuss the need for a paradigm shift towards a more scalable and efficient access management strategy. ‍

The recent rise of ransomware, attacks on supply chains and increasing costliness of privacy regulations has made cyber insurance an important topic of discussion. But it can be tricky to keep up with cyber insurance requirements. One of the most robust ways to meet those requirements is with multi-factor authentication (MFA).

In today's digital landscape, where data breaches and security threats are a constant concern, ensuring least privilege access is of utmost importance for companies operating in the cloud. Granting the principle of least privilege to employees helps minimize the risk of unauthorized access, accidental misuse, and insider threats. However, achieving and maintaining least privilege access can be challenging, often resulting in manual processes, delays, and potential security gaps.

Selecting an identity management solution is a critically important decision for any software organization. Identity management is a foundational component of good cloud security and can either be an enabler for scalability or a huge technical debt sink. Many organizations start with AWS by quickly throwing together their IAM infrastructure: some users, a few roles, and some policies.

The concept of privileged access management (PAM) has evolved over time, starting with the idea of role-based access control (RBAC) where permissions are assigned based on job roles. However, organizations soon realized that defining concrete roles for individuals was challenging due to the flexible and evolving nature of businesses. This led to the need for automating the access request process and empowering employees to self-serve and elevate their access based on their needs.

CEO and Co-Founder of Entitle, Ron Nissim recently had the opportunity to be a guest speaker on the renowned podcast, "Identity at the Center." Hosted by industry experts Jim McDonald and Jeff Steadman, this informative podcast focuses on identity security within the context of identity and access management (IAM). With their extensive experience in the field, Jim and Jeff bring listeners insightful conversations, industry news, and interviews with key figures from the identity management industry.